
MSIL/TrojanDownloader.Agent.LRZ removal tips


MSIL/TrojanDownloader.Agent.LRZ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.LRZ virus do?

  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Binary compilation timestomping detected

How to determine MSIL/TrojanDownloader.Agent.LRZ?


File Info:

name: 9A4542F209E5BADA7C01.mlw
path: /opt/CAPEv2/storage/binaries/c4afcede4f0b359ef5af233a39b9bc708b83b10210d1b7264c46618945245fb6
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2106-02-04 22:59:19

Version Info:

Translation: 0x0000 0x04b0
FileDescription: Salman
FileVersion: 0.0.0.0
InternalName: Salman.exe
LegalCopyright:
OriginalFilename: Salman.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/TrojanDownloader.Agent.LRZ also known as:

Bkav: W32.AIDetectNet.01
Lionic: Trojan.MSIL.Injuke.4!c
Cynet: Malicious (score: 100)
McAfee: RDN/Generic Downloader.x
Malwarebytes: Trojan.Downloader.MSIL.Generic
Zillya: Trojan.Injuke.Win32.20425
Cyren: W32/MSIL_Kryptik.EHH.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.LRZ
TrendMicro-HouseCall: TROJ_GEN.R002C0PEP22
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.MSIL.Injuke.gen
Alibaba: Trojan:MSIL/Injuke.5c238ade
ViRobot: Trojan.Win32.Z.Injuke.45056
Avast: Win32:Malware-gen
Rising: Trojan.Generic/MSIL@AI.98 (RDM.MSIL:IKYdSjmaVVkIEbh4VFrTeQ)
TrendMicro: TROJ_GEN.R002C0PEP22
McAfee-GW-Edition: RDN/Generic Downloader.x
Sophos: Mal/Generic-R
Webroot: W32.Trojan.Gen
Avira: TR/Redcap.jbrbu
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: HEUR:Trojan.MSIL.Injuke.gen
AhnLab-V3: Trojan/Win.Generic.C5111593
Cylance: Unsafe
APEX: Malicious
Tencent: Msil.Trojan.Injuke.Htvp
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.74181957.susgen
Fortinet: W32/Malicious_Behavior.SBX
AVG: Win32:Malware-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)

How to remove MSIL/TrojanDownloader.Agent.LRZ?

MSIL/TrojanDownloader.Agent.LRZ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
